Statuses of mobile devices

Mobile device statuses defined by Kaspersky Security Center

Administration Console allows you to quickly assess the current status of Kaspersky Security Center and managed mobile devices by checking traffic lights. The traffic lights are shown in the workspace of the Administration Server node, in the Mobile Device Management folder, in the Mobile devices subfolder. The subfolder workspace displays a table of managed mobile devices.

A traffic light is a colored icon in the Management column of the table. Each traffic light can be any of these colors (see the table Color codes of traffic lights). The color of a traffic light depends on the current status of Kaspersky Security Center and on the events that were logged.

A device can have one of the following statuses: OK, Critical, or Warning.

The statuses are assigned and sent to Kaspersky Security Center, in accordance with the following requirements:

One reason for status assignment is detected on the device — the device gets the status which is displayed in the list of managed devices.
Several reasons for status assignment are detected on the device — Kaspersky Secure Mobility Management selects the most critical status and sets it as general.

No reasons for status assignment are detected on the device — Kaspersky Secure Mobility Management does not send the structure of statuses to Kaspersky Security Center, and the status is set as OK.

Color codes of traffic lights

Icon	Status	Traffic light color meaning
	Light blue Mobile device detected on the network and included in none of the administration groups.	Events have been logged that are unrelated to potential or actual threats to the security of managed devices.
	Green Mobile device included in an administration group, with the OK status.	An administrator's intervention is not required.
	Yellow Mobile device included in an administration group, with the Warning status.	Events have been logged that are related to potential or actual threats to the security of managed devices.
	Red Mobile device included in an administration group, with the Critical status.	Serious problems have been encountered. An administrator's intervention is required to solve them.
	Mobile device included in an administration group, having lost its connection with the Administration Server.	Can be any of the colors: light blue, green, yellow, red.

The administrator's goal is to keep traffic lights green on all of the devices.

You can select Properties from the context menu of the mobile device, and then go to the Protection section to view the logged events that affect traffic lights and the status of Kaspersky Security Center (see the table Name, description, and traffic light colors of logged events).

Name, description, and traffic light colors of logged events

Traffic light color	Event type display name	Description
Red	License expired on %1 device(s)	Events of this type occur when the commercial license has expired. Once a day, Kaspersky Security Center checks whether the license has expired on the devices. When the commercial license expires, Kaspersky Security Center provides only basic functionality. To continue using Kaspersky Security Center, renew your commercial license.
Red	Security application is not running on: %1 device(s) This does not apply to iOS MDM devices.	Events of this type occur when the security application installed on the device is not running. Make sure that Kaspersky Endpoint Security is running on the device.
Red	Protection is disabled on: %1 device(s)	Events of this type occur when the security application on the device has been disabled for longer than the specified time interval. Check the current status of real-time protection on the device and make sure that all the protection components that you need are enabled.
Red	Critical events have been registered on the Administration Server	Events of this type occur when Administration Server critical events are detected. Check the list of events stored on the Administration Server, and then fix the critical events one by one.
Red	Errors have been logged in events on the Administration Server	Events of this type occur when unexpected errors are logged on the Administration Server side. Check the list of events stored on the Administration Server, and then fix the errors one by one.
Red	Lost connection to %1 device(s)	Events of this type occur when the connection between the Administration Server and the device is lost. View the list of disconnected devices, and then try to reconnect them.
Red	%1 device(s) have not connected to the Administration Server in a long time	Events of this type occur when the device has not connected to the Administration Server within the specified time interval, because the device was turned off. Make sure that the device is turned on and that Network Agent is running.
Red	Databases are outdated on: %1 device(s)	Events of this type occur when the anti-malware databases have not been updated on the device within the specified time interval. Follow the instructions to update Kaspersky databases.
Red	Active threats are detected on %1 device(s)	Events of this type occur when active threats are detected on managed devices. View information about the detected threats, and then follow the recommendations.
Red	Too many viruses have been detected on: %1 device(s)	Events of this type occur when viruses are detected on managed devices. View information about the detected viruses, and then follow the recommendations.
Red	Virus outbreak	Events of this type occur when the number of malicious objects detected on several managed devices exceeds the threshold within a short period of time. View information about the detected threats, and then follow the recommendations.
Yellow	Malware scan has not been performed in a long time on: %1 device(s)	Events of this type occur when you need to perform a malware scan on managed devices. Run a virus scan.
Green	Managed device(s): %3. Unassigned device(s) detected: %1	Events of this type occur when new devices are detected in administration groups.
Green	Security application is installed on all managed devices	Events of this type occur when Kaspersky Endpoint Security is installed on all managed devices.
Green	Kaspersky Security Center is functioning properly	Events of this type occur when Kaspersky Security Center is functioning properly.
Green	Protection is enabled	Events of this type occur when the real-time protection is enabled on managed devices.
Green	Security application is not installed	Events of this type occur when the anti-malware application is not installed on managed devices.
Green	Malware scan is running on schedule	Events of this type occur when the Malware scan task is running on schedule.
Light blue	End User License Agreement for Kaspersky mobile software has not been accepted	Events of this type occur when the administrator has not yet accepted the End User License Agreement for Kaspersky mobile software.
Light blue	End User License Agreement for Kaspersky software updates has not been accepted	Events of this type occur when the administrator has not yet accepted the End User License Agreement for Kaspersky software updates.
Light blue	Kaspersky Security Network Statement for Kaspersky software updates has not been accepted	Events of this type occur when the administrator has not yet accepted the Kaspersky Security Network Statement for Kaspersky software updates.
Light blue	New versions of Kaspersky applications are available	Events of this type occur when new versions of Kaspersky applications are available for installation on managed devices.
Light blue	Updates are available for Kaspersky applications	Events of this type occur when updates are available for Kaspersky applications.
Light blue	Full scan has never been performed on %1 device(s)	Events of this type occur when a full scan has never been performed on the specified number of devices.

Mobile device statuses defined by Kaspersky Secure Mobility Management

These are additional statuses that function together with the statuses defined by Kaspersky Security Center (see the table Name, description, and traffic light colors of logged events).

Kaspersky Secure Mobility Management defines the status of mobile devices, based on the policy settings, and then sends the structure of statuses to Kaspersky Security Center when it is synchronized. The administrator can change the device status in the policy, depending on the severity level of the condition (see the table Default values, reasons, and conditions for status assignment). In this case, the value set by the administrator overrides the default value defined by Kaspersky Secure Mobility Management.

Default values, reasons, and conditions for status assignment

Condition	Reason for status assignment	Default value
Real-time protection is not running.	One of the following reasons: The Access to manage all files permission is not granted. Kaspersky Security Network is switched off.	Critical
Web Protection is not running.	One of the following reasons: The Accessibility permission is not granted. Web Protection is switched off by the user in Kaspersky Endpoint Security settings. The Ignore battery optimization permission is not granted. The agreement for Web Control is not accepted.	Warning
App Control is not running.	The Accessibility permission is not granted.	Warning
Device lock is not available.	One of the following reasons: The Device administrator permission is not granted. The Accessibility permission is not granted.	Warning
Device locate is not available.	One of the following reasons: The Location permission is not granted. The device location cannot be defined (when permission is granted).	Warning
The versions of the KSN Statement do not match.	The version of the Kaspersky Security Network Statement that the user accepted in the policy and the version of the Kaspersky Security Network Statement on the device do not match.	Warning
The versions of the Marketing Statement do not match.	The version of the Statement regarding data processing for marketing purposes that the user accepted in the policy and the version of the Statement regarding data processing for marketing purposes on the device do not match.	OK

Page top